Lucene search
K

8 matches found

Check Point Advisories
Check Point Advisories
added 2021/12/28 12:0 a.m.50 views

Apache ShenYu Admin Authentication Bypass (CVE-2021-37580)

A authentication bypass vulnerability exists in the Apache ShenYu Admin. The vulnerability is due to improper handling of the incoming HTTP requests...

7.5CVSS1.6AI score0.40058EPSS
Exploits2
vulnersOsv
vulnersOsv
added 2021/11/17 11:15 p.m.3 views

org.apache.shenyu:shenyu-admin-dist (=2.4.0) potentially affected by CVE-2021-37580 via org.apache.shenyu:shenyu-admin (=2.4.0)

org.apache.shenyu:shenyu-admin MAVEN version =2.4.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.shenyu:shenyu-admin and may be impacted: - org.apache.shenyu:shenyu-admin-dist =2.4.0 Source cves: CVE-2021-37580 Source advisory:...

9.8CVSS7.2AI score0.40058EPSS
Exploits2
Circl
Circl
added 2021/11/17 1:31 p.m.39 views

CVE-2021-37580

creationtimestamp| type| source ---|---|--- 2021-11-17 13:31:40+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/868 2021-11-18 00:23:00+00:00| published-proof-of-concept| https://t.me/hackertrick/440 2021-11-20 06:56:13+00:00| published-proof-of-concept| https://t.me/BlueRedTeam/119...

9.8CVSS7.3AI score0.40058EPSS
In wildExploits2References9
GithubExploit
GithubExploit
added 2021/11/17 1:26 p.m.839 views

Exploit for Improper Authentication in Apache Shenyu

CVE-2021-37580 0x00 Vulnerability Details Vulnerability...

9.8CVSS7.2AI score0.40058EPSS
Exploits2
GithubExploit
GithubExploit
added 2021/11/17 8:33 a.m.271 views

Exploit for Improper Authentication in Apache Shenyu

Apache ShenYu Admin has a vulnerability that allows for authenti...

9.8CVSS7.2AI score0.40058EPSS
Exploits2
NVD
NVD
added 2021/11/16 10:15 a.m.22 views

CVE-2021-37580

A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication. This issue affected Apache ShenYu 2.3.0 and 2.4.0...

9.8CVSS0.40058EPSS
Exploits2References2
Cvelist
Cvelist
added 2021/11/16 9:35 a.m.28 views

CVE-2021-37580 Apache ShenYu Admin bypass JWT authentication

A flaw was found in Apache ShenYu Admin. The incorrect use of JWT in ShenyuAdminBootstrap allows an attacker to bypass authentication. This issue affected Apache ShenYu 2.3.0 and 2.4.0...

9.6AI score0.40058EPSS
Exploits2References2
CVE
CVE
added 2021/11/16 9:35 a.m.104 views

CVE-2021-37580

Apache ShenYu Admin (ShenyuAdminBootstrap) contains an authentication bypass flaw due to the incorrect use of JWT, affecting ShenYu 2.3.0 and 2.4.0. The vulnerability can allow an attacker to bypass authentication and gain admin access, with high-severity CVSS scores (3.1: CRITICAL, base score 9....

9.8CVSS9.3AI score0.40058EPSS
In wildExploits2References2Affected Software1
Rows per page
Query Builder